Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

UpdaterTag.dll

windows7-x64

10

UpdaterTag.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    UpdaterTag.dll

  • Size

    72KB

  • Sample

    250209-cxxefatnhq

  • MD5

    4d3511cedaddff8cdd991c1bcbbbf274

  • SHA1

    9a6dcaa5d0a6bc5dc0e525d8495f81776c89f457

  • SHA256

    25df81bebae736bf7e5cc42ef18b4756d1de8cd2cd4f1e508b6bf5108bac69e7

  • SHA512

    3f201909ec716f5dd64df459d760ac44f9c2b14bec1a91ef68882c1817ed29564028bfc829be8998490f583895eb7f93a2b600c8472cd4781aaf1aa34a165918

  • SSDEEP

    768:Vz7vRTYS4Oi5ONdWJ7HRCRuVnjhaQu7SDqRefml4I4QDqauXj57CHf8Idi+a7dHU:Vzh7eO6hHRCwhBfml4I6z5If8INaJ0

Score
10/10
latrodectusdiscoveryloader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://apworsindos.com/test/

https://reminasolirol.com/test/
Attributes
  • group

    Mimikast

  • user_agent

    Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Targets

    • Target

      UpdaterTag.dll

    • Size

      72KB

    • MD5

      4d3511cedaddff8cdd991c1bcbbbf274

    • SHA1

      9a6dcaa5d0a6bc5dc0e525d8495f81776c89f457

    • SHA256

      25df81bebae736bf7e5cc42ef18b4756d1de8cd2cd4f1e508b6bf5108bac69e7

    • SHA512

      3f201909ec716f5dd64df459d760ac44f9c2b14bec1a91ef68882c1817ed29564028bfc829be8998490f583895eb7f93a2b600c8472cd4781aaf1aa34a165918

    • SSDEEP

      768:Vz7vRTYS4Oi5ONdWJ7HRCRuVnjhaQu7SDqRefml4I4QDqauXj57CHf8Idi+a7dHU:Vzh7eO6hHRCwhBfml4I6z5If8INaJ0

    Score
    10/10
    latrodectusloaderdiscovery

    • Detects Latrodectus

      Detects Latrodectus v1.4.

    • Latrodectus family

      latrodectus

    • Latrodectus loader

      Latrodectus is a loader written in C++.

      loaderlatrodectus

    • Downloads MZ/PE file

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks